Secure Internet Banking Authentication

The authors present two challenge–response Internet banking authentication solutions—one based on short-time passwords and one on certificates—and then describe how easily these solutions can be extended should sophisticated content-manipulation attacks arise.

The Internet is an integral part of our daily lives, and the proportion of people who expect to be able to manage their bank accounts anywhere, anytime is constantly growing. As such, Internet banking has come of age as a crucial component of any financial institution’s multichannel strategy.
Information about financial institutions, their customers, and their transactions is, by necessity, extremely sensitive; thus, doing such business via a public network introduces new challenges for security and trustworthiness.

Any Internet banking system must solve the issues of authentication, confidentiality, integrity, and nonrepudiation, which means it must ensure that only qualified people can access an Internet banking account, that the information viewed remains private and can’t be modified by third parties, and that any transactions made are traceable and verifiable. For confidentiality and integrity, Secure Sockets Layer/Transport Layer Security (SSL/TLS) is the de facto Internet banking standard, whereas for authentication and nonrepudiation, no single scheme has become predominant yet.

Internet banking systems must authenticate users before granting them access to particular services. More precisely, the banking system must determine whether a user is, in fact, who he or she claims to be by asking for direct or indirect proof of knowledge about some sort of secret or credential. With the assumption that only an authentic user can provide such answers, successful authentication eventually enables users to access their private information.

Where do banks get the money to lend?

They get it from people who open accounts.

Banks act as go-betweens for people who save and people who want to borrow. If savers didn’t put their money in banks, the banks would have little or no money to lend.

Your savings are combined with the savings of others to form a big pool of money, and the bank uses that money to make loans.

The money doesn’t belong to the bank’s president, board of directors, or stockholders. It belongs to you and the other depositors. That’s why bankers have a special obligation not to take big risks when they make loans.

What is a bank?

A bank is a business. But unlike some businesses, banks don’t manufacture products or extract natural resources from the earth. Banks sell financial services such as car loans, home mort-gage loans, business loans, checking accounts, credit card services, certificates of deposit, and individual retirement accounts.Some people go to banks in search of a safe place to keep their money.

Others are seeking to borrow money to buy a house or a car, start a business, expand a farm, pay for college, or do other things that require borrowing money.

Where do banks get the money to lend? They get it from people who open accounts.

Banks act as go-betweens for people who save and people who want to borrow. If savers didn’t put their money in banks, the banks would have little or no money to lend.Your savings are combined with the savings of others to form a big pool of money, and the bank uses that money to make loans.

The money doesn’t belong to the bank’s president, board of directors, or stockholders. It belongs to you and the other depositors. That’s why bankers have a special obligation not to take big risks when they make loans.

Introduction Bank

Some young savers stash their cash in shoe boxes or jelly jars. Others use “piggy banks,” which today look more like spaceships or cartoon characters.

In any case, the same problem arises. Sooner or later, the piggy bank or jelly jar fills up, and you have to make a decision: Should I spend the money or continue to save? And if I continue to save, should I open a bank account or just find a bigger jar?

Maybe you’ve had to face such a decision yourself. If you decide to keep your money at home, it will just sit there and won’t earn any extra money for you. You also run the risk that a burglar, a fire, or some other disaster will wipe out your savings in the wink of an eye.

Then again, if you open a bank account, you can’t “visit” your money as easily as you can when it sits in your dresser drawer. You can’t just walk into a bank in the middle of the night to count your cash.

You can’t run the coins through your fingers or toss the bills in the air and let them rain down on your head.Opening a bank account is a big step because you are putting your money in someone else’s hands. You’re counting on someone else to handle your money responsibly.

Before you do that, it might be a good idea to understand how banks operate.That’s the purpose of this pamphlet. It won’t tell you everything there is to know about banks and banking, but we hope it will be a good basic introduction.